HPE Community
Operating System - HP-UX
1751868 Members
5181 Online
108782 Solutions
New Discussion

Nullify a file from sudo

 
Trng
Super Advisor

‎09-23-2012 06:10 AM

‎09-23-2012 06:10 AM

Nullify a file from sudo

Hi  Team,

 

is it possible to nullify a file from sudo .i have tried to nullify a file using sudo ,but showing command found /permission denied

 

 

sudo >  /var/adm/wtmps

 

sudo /dev/null /var/adm/wtmps

sudo /dev/null > /var/adm/wtmps

 

 

 

above commands are not working on UNix with sudo ..is it possible ?

 

 

rgds,suresh

administrator
0 Kudos
Reply
5 REPLIES 5
Matti_Kurkela
Honored Contributor

‎09-23-2012 08:30 AM - edited ‎09-23-2012 08:42 AM

‎09-23-2012 08:30 AM - edited ‎09-23-2012 08:42 AM

Re: Nullify a file from sudo

The problem is that the redirection operators like > are parsed by your current shell before the command is executed.

This means the redirection is done as a regular user, not as root.

 

  • sudo > /var/adm/wtmps

This tells the shell to run "sudo" without any parameters and send the resulting non-error output (if any) to /var/adm/wtmps. If sudo is run without any parameters, it will display an "usage" message as error output, and there will be no non-error output at all. The output redirection fails because your session is not already running as root.

 

  • sudo /dev/null /var/adm/wtmps

This tells sudo to run /dev/null as root, with /var/adm/wtmps as a parameter. Because /dev/null is not an executable program, this will fail without doing anything at all.

 

  • sudo /dev/null > /var/adm/wtmps

This tells the shell to send the non-error output of the "sudo /dev/null" command into /var/adm/wtmps. But because the output redirection happens as a non-root user, the output redirection fails. If the command gets as far as attempting to run "sudo /dev/null", that would also fail like the previous example, because /dev/null is not an executable program.

 

The most simple & clear way to do this might be:

echo "> /var/adm/wtmps" > /tmp/clear-wtmps.sh
sudo sh /tmp/clear-wtmps.sh
rm /tmp/clear-wtmps.sh

 

 

MK
0 Kudos
Reply
Trng
Super Advisor

‎09-23-2012 08:55 AM

‎09-23-2012 08:55 AM

Re: Nullify a file from sudo

Hi MK,
What is the best way to nullify a file using sudo?
administrator
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎09-23-2012 09:09 PM

‎09-23-2012 09:09 PM

Re: Nullify a file from sudo

You might try:

 

sudo cat /dev/null > /var/adm/wtmps

0 Kudos
Reply
Steven Schweda
Honored Contributor

‎09-23-2012 10:06 PM

‎09-23-2012 10:06 PM

Re: Nullify a file from sudo

 
0 Kudos
Reply
Matti_Kurkela
Honored Contributor

‎09-24-2012 06:27 AM

‎09-24-2012 06:27 AM

Re: Nullify a file from sudo

(Now I'm again with a broadband network connection, so I have all my usual references available to me, unlike when I gave my previous answer. In particular, I again have convenient access to all HP-UX man pages.)

 

The problem is two-fold: first, you must quote or escape the ">" so that it will be passed through sudo. Otherwise it will be implemented directly by your current shell using your regular user account, and it will fail.

 

Second, ">" is not an executable file: it is not even a proper shell built-in command, but a redirection operator.

Sudo is a command that runs executable files as some other user: sudo "> /var/adm/wtmps" would make sudo look for an executable named literally "> /var/adm/wtmps", which obviously does not exist.

 

When you run a command like "sh <something>", the shell generally expects <something> to be a file, not an arbitrary command line.  (Just like sudo!)

 

Fortunately, the HP-UX /bin/sh has the -c option (and now I could verify it from the man pages!), which can be used to pass an arbitrary command line to the shell on the command line that is used to start that shell.

 

So this one-liner will work (I tested it on a HP-UX system):

sudo /bin/sh -c "> /var/adm/wtmps"

This will also work:

echo "> /var/adm/wtmps" | sudo /bin/sh

This is equivalent to the previous one, but without the explicit "echo" command:

sudo /bin/sh <<EOF
> /var/adm/wtmps
EOF

 

My original answer can be expected to work on pretty much all normal shells on all Unix-style systems, and is easily understandable and verifiable even if you don't understand the finer details of shell command quoting. This is why I originally called it "the most simple": simplest to understand, although it definitely wasn't the most elegant.

MK
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.